Skip to content

Commit

Permalink
PAPP-34666 set up new repo
Browse files Browse the repository at this point in the history
  • Loading branch information
@sodle-splunk
sodle-splunk committed Sep 4, 2024
1 parent 6203814 commit 79785f3
Show file tree
Hide file tree
Showing 23 changed files with 1,274 additions and 8 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.vscode/
16 changes: 8 additions & 8 deletions .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
repos:
- repo: https://github.com/phantomcyber/dev-cicd-tools
rev: v1.13
- repo: https://github.com/phantomcyber/dev-cicd-tools
rev: v1.18
hooks:
- id: org-hook
- id: package-app-dependencies
- repo: https://github.com/Yelp/detect-secrets
rev: v1.2.0
- id: org-hook
- id: package-app-dependencies
- repo: https://github.com/Yelp/detect-secrets
rev: v1.5.0
hooks:
- id: detect-secrets
args: ['--no-verify']
- id: detect-secrets
args: ["--no-verify"]
Empty file added __init__.py
View file
Empty file.
1 change: 1 addition & 0 deletions exclude_files.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.git*
4 changes: 4 additions & 0 deletions readme.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
<html>
<head></head>
<body>Replace this text in the app's <b>readme.html</b> to contain more detailed information</body>
</html>
2 changes: 2 additions & 0 deletions requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
httpx[http2]==0.27.2
pydantic==1.10.13
338 changes: 338 additions & 0 deletions talosintelligence.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,338 @@
{
"appid": "7c653487-22c8-4ec1-bca0-16a8b1513c86",
"name": "Talos Intelligence",
"description": "This app provides investigative actions for Talos Intelligence",
"type": "information",
"product_vendor": "Cisco",
"logo": "talosintelligence.svg",
"logo_dark": "talosintelligence_dark.svg",
"product_name": "Talos Cloud Intelligence",
"python_version": "3",
"product_version_regex": ".*",
"publisher": "Splunk Community",
"license": "Copyright (c) Splunk Community, 2024",
"app_version": "1.0.0",
"utctime_updated": "2024-06-21T18:40:03.685771Z",
"package_name": "phantom_talosintelligence",
"main_module": "talosintelligence_connector.py",
"min_phantom_version": "6.2.1.305",
"app_wizard_version": "1.0.0",
"configuration": {
"base_url": {
"data_type": "string",
"order": 0,
"description": "Base URL provided by Talos",
"default": "consumerdev-api.talos.cisco.com",
"required": true,
"name": "base_url",
"id": 0
},
"certificate": {
"data_type": "password",
"order": 1,
"description": "Certificate contents to authenticate with Talos",
"name": "certificate",
"id": 1
},
"key": {
"data_type": "password",
"order": 2,
"description": "Private key to authenticate with Talos",
"name": "key",
"id": 2
}
},
"actions": [
{
"action": "test connectivity",
"identifier": "test_connectivity",
"description": "Validate the asset configuration for connectivity using supplied configuration",
"verbose": "",
"type": "test",
"read_only": true,
"parameters": {},
"output": [],
"versions": "EQ(*)"
},
{
"action": "ip reputation",
"identifier": "ip_reputation",
"description": "Queries IP info",
"verbose": "",
"type": "investigate",
"read_only": true,
"parameters": {
"ip": {
"description": "IP to query",
"data_type": "string",
"required": true,
"primary": true,
"contains": [
"ip"
],
"value_list": [],
"default": "",
"order": 0,
"name": "ip"
}
},
"output": [
{
"data_path": "action_result.parameter.ip",
"data_type": "string",
"contains": [
"ip"
],
"column_name": "ip",
"column_order": 0
},
{
"data_path": "action_result.status",
"data_type": "string",
"column_name": "status",
"column_order": 1
},
{
"data_path": "action_result.message",
"data_type": "string"
},
{
"data_path": "summary.total_objects",
"data_type": "numeric"
},
{
"data_path": "summary.total_objects_successful",
"data_type": "numeric"
},
{
"data_path": "action_result.data.0.Threat Level",
"data_type": "string",
"column_name": "threat level",
"column_order": 2
},
{
"data_path": "action_result.data.1.Threat Categories",
"data_type": "string",
"column_name": "threat categories",
"column_order": 3
},
{
"data_path": "action_result.data.2.Acceptable Use Policy Categories",
"data_type": "string",
"column_name": "Acceptable Use Policy Categories",
"column_order": 4
}
],
"render": {
"type": "table"
},
"versions": "EQ(*)"
},
{
"action": "domain reputation",
"identifier": "domain_reputation",
"description": "Queries domain info",
"verbose": "",
"type": "investigate",
"read_only": true,
"parameters": {
"domain": {
"description": "Domain to query",
"data_type": "string",
"required": true,
"primary": true,
"contains": [
"domain",
"url"
],
"value_list": [],
"default": "",
"order": 0,
"name": "domain"
}
},
"output": [
{
"data_path": "action_result.parameter.domain",
"data_type": "string",
"contains": [
"domain",
"url"
],
"column_name": "domain",
"column_order": 0
},
{
"data_path": "action_result.status",
"data_type": "string",
"column_name": "status",
"column_order": 1
},
{
"data_path": "action_result.message",
"data_type": "string"
},
{
"data_path": "summary.total_objects",
"data_type": "numeric"
},
{
"data_path": "summary.total_objects_successful",
"data_type": "numeric"
},
{
"data_path": "action_result.data.0.Threat Level",
"data_type": "string",
"column_name": "threat level",
"column_order": 2
},
{
"data_path": "action_result.data.1.Threat Categories",
"data_type": "string",
"column_name": "threat categories",
"column_order": 3
},
{
"data_path": "action_result.data.2.Acceptable Use Policy Categories",
"data_type": "string",
"column_name": "Acceptable Use Policy Categories",
"column_order": 4
}
],
"render": {
"type": "table"
},
"versions": "EQ(*)"
},
{
"action": "url reputation",
"identifier": "url_reputation",
"description": "Queries URL info",
"verbose": "",
"type": "investigate",
"read_only": true,
"parameters": {
"url": {
"description": "URL to query",
"data_type": "string",
"required": true,
"primary": true,
"contains": [
"url"
],
"value_list": [],
"default": "",
"order": 0,
"name": "url"
}
},
"output": [
{
"data_path": "action_result.parameter.url",
"data_type": "string",
"contains": [
"url"
],
"column_name": "url",
"column_order": 0
},
{
"data_path": "action_result.status",
"data_type": "string",
"column_name": "status",
"column_order": 1
},
{
"data_path": "action_result.message",
"data_type": "string"
},
{
"data_path": "summary.total_objects",
"data_type": "numeric"
},
{
"data_path": "summary.total_objects_successful",
"data_type": "numeric"
},
{
"data_path": "action_result.data.0.Threat Level",
"data_type": "string",
"column_name": "threat level",
"column_order": 2
},
{
"data_path": "action_result.data.1.Threat Categories",
"data_type": "string",
"column_name": "threat categories",
"column_order": 3
},
{
"data_path": "action_result.data.2.Acceptable Use Policy Categories",
"data_type": "string",
"column_name": "Acceptable Use Policy Categories",
"column_order": 4
}
],
"render": {
"type": "table"
},
"versions": "EQ(*)"
}
],
"copied_from_id": 190,
"copied_from_version": "1.0.0",
"directory": "talosintelligence_50612f98-f830-451b-a90c-26cf82593a54",
"version": 1,
"appname": "-",
"executable": "spawn3",
"disabled": false,
"custom_made": true,
"pip39_dependencies": {
"wheel": [
{
"module": "anyio",
"input_file": "wheels/py3/anyio-4.4.0-py3-none-any.whl"
},
{
"module": "exceptiongroup",
"input_file": "wheels/py3/exceptiongroup-1.2.2-py3-none-any.whl"
},
{
"module": "h11",
"input_file": "wheels/py3/h11-0.14.0-py3-none-any.whl"
},
{
"module": "h2",
"input_file": "wheels/py3/h2-4.1.0-py3-none-any.whl"
},
{
"module": "hpack",
"input_file": "wheels/py3/hpack-4.0.0-py3-none-any.whl"
},
{
"module": "httpcore",
"input_file": "wheels/py3/httpcore-1.0.5-py3-none-any.whl"
},
{
"module": "httpx",
"input_file": "wheels/py3/httpx-0.27.2-py3-none-any.whl"
},
{
"module": "hyperframe",
"input_file": "wheels/py3/hyperframe-6.0.1-py3-none-any.whl"
},
{
"module": "pydantic",
"input_file": "wheels/py39/pydantic-1.10.13-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.whl"
},
{
"module": "sniffio",
"input_file": "wheels/py3/sniffio-1.3.1-py3-none-any.whl"
},
{
"module": "typing_extensions",
"input_file": "wheels/py3/typing_extensions-4.12.2-py3-none-any.whl"
}
]
}
}
Loading

0 comments on commit 79785f3

Please sign in to comment.